Device authentication method, service access control method, device, and non-transitory computer-readable recording medium

ABSTRACT

A device authentication method, a service access control method, a device, and a non-transitory computer-readable recording medium are provided. In the device authentication method, an authentication request device issues an authentication request transaction in a distributed ledger, and an authentication response device reads the authentication request transaction in the distributed ledger and performs authentication. Thus, no third-party authentication center or coordinate device is required to participate in an authentication handshake process, thereby reducing deployment overhead of an authentication system and improving efficiency of authentication and access service control.

CROSS-REFERENCE TO RELATED APPLICATIONS

The present application claims priority under 35 U.S.C. § 119 to ChineseApplication No. 201910318449.5 filed on Apr. 19, 2019. The entirecontents of which are incorporated herein by reference.

BACKGROUND OF THE INVENTION 1. Field of the Invention

The present invention relates to the field of device authentication, andspecifically, a device authentication method, a service access controlmethod, a device, and a non-transitory computer-readable recordingmedium.

2. Description of the Related Art

Device authentication is important for ensuring the security ofinformation access and transactions. For example, in security servicesof industrial monitoring systems and security services of environmentalmonitoring systems, it is usually necessary to identify a valid user ordevice, thereby allowing the valid user or device to access a largeamount of data of a monitoring terminal or a measuring terminal (such asa camera, an air or water quality measuring sensor). As another example,in an intelligent home or office system, it is necessary to identify avalid user or device, thereby controlling a terminal or accessingterminal data. In conventional authentication methods, a trustedthird-party server or a dedicated secure channel is usually required.

Here, the trusted third-party server may be a certificate authority (CA)of a public key infrastructure (PKI) system, or a local authenticationserver that maintains all device authentication information in a localarea network. The processing power of the third-party management serverlimits authentication efficiency. With the increasing popularity ofsmart mobile terminals and the rapid development of internet-of-things(IoT) technology, in a system including a large number of mobileterminals or IoT devices, if all devices are verified by interactingwith the third-party server, the performance of the third-party serverbecomes a bottleneck. Therefore, in conventional applications, onlyone-way authentication is performed, that is, the service providingdevice is authenticated, and the service request device is notauthenticated. In addition, the CA of the PKI requires a real-nameauthentication terminal, however real-name authentication is usually notnecessary in an IoT system, which brings additional overhead.

A secure channel usually requires specific hardware support. Forexample, it is necessary to install a subscriber identification module(SIM) of a mobile cellular network, or to deploy an encryption system inadvance. Therefore, the deployment cost of the authentication systemincreases, and the authentication system is not suitable for large-scaleapplications.

Thus, there is an urgent need for a low-cost device authenticationmethod.

SUMMARY OF THE INVENTION

According to an aspect of the present invention, a device authenticationmethod is provided. The device authentication method includesgenerating, by a first device, authentication request information;generating, by the first device, an authentication request transaction,and sending the authentication request transaction to a first devicechannel, the authentication request transaction including a public keyof the first device and a first hash value of the authentication requestinformation, and the first device channel being established on adistributed ledger; generating, by the first device, an authenticationrequest message that includes the authentication request information anddevice channel information of the first device channel, producing adigital signature of the authentication request message using a privatekey of the first device, and sending the digital signature to a seconddevice; and receiving, by the first device, an authentication responsemessage returned by the second device, the authentication responsemessage indicating whether authentication of the first device succeeds.

According to another aspect of the present invention, a deviceauthentication method is provided. The device authentication methodincludes receiving, by a second device, an authentication requestmessage sent by a first device, the authentication request messageincluding authentication request information and device channelinformation of a first device channel, and the first device channelbeing established on a distributed ledger; reading, by the seconddevice, an authentication request transaction on the first devicechannel based on the device channel information of the first devicechannel, the authentication request transaction including a public keyof the first device and a first hash value of the authentication requestinformation; verifying, by the second device, a digital signature of theauthentication request message using the public key of the first device,and performing an authentication test on the first device based on atleast the first hash value and obtaining an authentication result whenverification of the digital signature succeeds; and recording, by thesecond device, an authentication status of the first device based on theauthentication result, and sending an authentication response message tothe first device, the authentication response message indicating whetherauthentication succeeds.

According to another aspect of the present invention, a service accesscontrol method is provided. The service access control method includesrequesting, by a first device, a service list from a second device, andselecting a target service from the service list provided by the seconddevice; generating, by the first device, service request informationthat includes the target service and a service access token; generating,by the first device, a service request transaction, and sending theservice request transaction to a first device channel, the servicerequest transaction including a second hash value of the service requestinformation, and the first device channel being established on adistributed ledger; generating, by the first device, a service requestmessage that includes the service request information, producing adigital signature of the service request message using a private key ofthe first device, and sending the digital signature to the seconddevice; and receiving, by the first device, a service response messagereturned by the second device, the service response message indicatingwhether a service request is accepted.

According to another aspect of the present invention, a service accesscontrol method is provided. The service access control method includesreceiving, by a second device, a service list request message sent by afirst device, and providing a service list to the first device;receiving, by the second device, a service request message sent by thefirst device, the service request message including service requestinformation, and the service request information including a targetservice and a service access token; verifying, by the second device, adigital signature of the service request message using a public key ofthe first device when an authentication status of the first device issuccessful authentication, and reading a service request transaction ona first device channel based on pre-obtained device channel informationof the first device channel when verification of the digital signaturesucceeds, the service request transaction including at least a secondhash value of the service request information, and the first devicechannel being established on a distributed ledger; performing, by thesecond device, a service request test based on at least the servicerequest information and the second hash value, and obtaining a servicerequest test result indicating whether a service request is accepted;and sending, by the second device, a service response message to thefirst device based on the service request test result, the serviceresponse message indicating whether the service request is accepted.

According to another aspect of the present invention, a first device isprovided. The first device includes a first information generating unitconfigured to generate authentication request information; a firsttransaction generating unit configured to generate an authenticationrequest transaction, and send the authentication request transaction toa first device channel, the authentication request transaction includinga public key of the first device and a first hash value of theauthentication request information, and the first device channel beingestablished on a distributed ledger; a first message sending unitconfigured to generate an authentication request message that includesthe authentication request information and device channel information ofthe first device channel, produce a digital signature of theauthentication request message using a private key of the first device,and send the digital signature to a second device; and a first messagereceiving unit configured to receive an authentication response messagereturned by the second device, the authentication response messageindicating whether authentication of the first device succeeds.

According to another aspect of the present invention, a second device isprovided. The second device includes a second message receiving unitconfigured to receive an authentication request message sent by a firstdevice, the authentication request message including authenticationrequest information and device channel information of a first devicechannel, and the first device channel being established on a distributedledger; a first transaction obtaining unit configured to read anauthentication request transaction on the first device channel based onthe device channel information of the first device channel, theauthentication request transaction including a public key of the firstdevice and a first hash value of the authentication request information;an authentication processing unit configured to verify a digitalsignature of the authentication request message using the public key ofthe first device, and perform an authentication test on the first devicebased on at least the first hash value and obtaining an authenticationresult when verification of the digital signature succeeds; and a secondmessage sending unit configured to record an authentication status ofthe first device based on the authentication result, and send anauthentication response message to the first device, the authenticationresponse message indicating whether authentication succeeds.

According to another aspect of the present invention, a first device isprovided. The first device includes a service selecting unit configuredto request a service list from a second device, and select a targetservice from the service list provided by the second device; a secondinformation generating unit configured to generate service requestinformation that includes the target service and a service access token;a second transaction generating unit configured to generate a servicerequest transaction, and send the service request transaction to a firstdevice channel, the service request transaction including a second hashvalue of the service request information, and the first device channelbeing established on a distributed ledger; a third message sending unitconfigured to generate a service request message that includes theservice request information, produce a digital signature of the servicerequest message using a private key of the first device, and send thedigital signature to the second device; and a third message receivingunit configured to receive a service response message returned by thesecond device, the service response message indicating whether a servicerequest is accepted.

According to another aspect of the present invention, a second device isprovided. The second device includes a fourth message receiving unitconfigured to receive a service list request message sent by a firstdevice, provide a service list to the first device, and receive aservice request message sent by the first device, the service requestmessage including service request information, and the service requestinformation including a target service and a service access token; asecond transaction obtaining unit configured to verify a digitalsignature of the service request message using a public key of the firstdevice when an authentication status of the first device is successfulauthentication, and read a service request transaction on a first devicechannel based on pre-obtained device channel information of the firstdevice channel when verification of the digital signature succeeds, theservice request transaction including at least a second hash value ofthe service request information, and the first device channel beingestablished on a distributed ledger; a service request testing unitconfigured to perform a service request test based on at least theservice request information and the second hash value, and obtain aservice request test result indicating whether a service request isaccepted; and a fourth message sending unit configured to send a serviceresponse message to the first device based on the service request testresult, the service response message indicating whether the servicerequest is accepted.

According to another aspect of the present invention, an apparatus isprovided. The apparatus includes a memory storing computer-executableinstructions; and one or more processors. The one or more processors areconfigured to execute the computer-executable instructions such that theone or more processors carry out the above method.

According to another aspect of the present invention, a non-transitorycomputer-readable recording medium having computer-executableinstructions for execution by one or more processors is provided. Thecomputer-executable instructions, when executed, cause the one or moreprocessors to carry out the above method.

BRIEF DESCRIPTION OF THE DRAWINGS

In order to explain embodiments of the present invention more clearly,drawings used in the description of the embodiments of the presentinvention will be briefly introduced below. Note that the drawings aremerely exemplary drawings for explaining the embodiments of the presentinvention, and another drawing may be obtained based on the drawings bya person skilled in the art.

FIG. 1 is a schematic flowchart illustrating a device authenticationmethod according to an embodiment of the present invention;

FIG. 2 is another schematic flowchart illustrating the deviceauthentication method according to the embodiment of the presentinvention;

FIG. 3 is a schematic view illustrating an example of the deviceauthentication method according to the embodiment of the presentinvention;

FIG. 4 is a schematic view illustrating an example of an interactiveprocess of the device authentication method according to the embodimentof the present invention;

FIG. 5 is a schematic flowchart illustrating a service access controlmethod according to an embodiment of the present invention;

FIG. 6 is another schematic flowchart illustrating the service accesscontrol method according to the embodiment of the present invention;

FIG. 7 is a schematic view illustrating an example of an interactiveprocess of the service access control method according to the embodimentof the present invention;

FIG. 8 is a schematic block diagram illustrating a configuration of afirst device according to an embodiment of the present invention;

FIG. 9 is a schematic block diagram illustrating a configuration of asecond device according to an embodiment of the present invention;

FIG. 10 is a schematic block diagram illustrating another configurationof a first device according to an embodiment of the present invention;

FIG. 11 is a schematic block diagram illustrating another configurationof a second device according to an embodiment of the present invention;and

FIG. 12 is a schematic block diagram illustrating a hardware structureof a first device or a second device according to an embodiment of thepresent invention.

DESCRIPTION OF THE EMBODIMENTS

In the following, specific embodiments of the present invention will bedescribed in detail with reference to the accompanying drawings, so asto facilitate the understanding of technical problems to be solved bythe present invention, technical solutions of the present invention, andadvantages of the present invention. The present invention is notlimited to the specifically described embodiments, and variousmodifications, combinations and replacements may be made withoutdeparting from the scope of the present invention. In addition,description of conventional functions and structure is omitted forclarity and conciseness.

Note that “one embodiment” or “an embodiment” mentioned in the presentspecification means that specific features, structures orcharacteristics relating to the embodiment are included in at least oneembodiment of the present invention. Thus, “one embodiment” or “anembodiment” mentioned in the present specification may not be the sameembodiment. Additionally, the specific features, structures orcharacteristics may be combined in any suitable manner in one or moreembodiments.

Note that steps of the methods may be performed sequentially, howeverthe order in which the steps are performed is not limited to the recitedorder. Any step may be performed in parallel with or independently ofany other step.

As described above, there is a problem of an efficiency bottleneck orhigh deployment cost in a case where a conventional authenticationscheme is adopted in an IoT system that includes a large number ofdevices. In the anonymous distributed ledger-based authentication methodaccording to the present invention, no third-party server is required toparticipate in authentication, and the hardware overhead of anadditional secure channel is not required, thereby reducing cost ofauthentication. The authentication method according to the presentinvention is especially suitable for systems including a large number ofdevices, such as IoT systems.

An object of embodiments of the present invention is to provide a deviceauthentication method, a service access control method, a device, and anon-transitory computer-readable recording medium capable ofimplementing device authentication and service access control at a lowercost.

FIG. 1 is a schematic flowchart illustrating a device authenticationmethod performed by a first device. Here, the first device is anauthentication request device, the first device initiates anauthentication request to a second device, and the second deviceauthenticates the first device. Note that the scheme of theauthentication request in the embodiment of the present invention mayalso be applied to the authentication of the second device by the firstdevice, and the process is similar. Namely, referring to theauthentication process shown in FIG. 1 , the embodiment of the presentinvention may implement two-way authentication between the first deviceand the second device.

As shown in FIG. 1 , the device authentication method according to theembodiment of the present invention includes the following steps.

In step 11, the first device generates authentication requestinformation.

Here, the authentication request information may include challengeinformation, and the challenge information may specifically be arandomly generated random number. As an example, the authenticationrequest information may further include a timestamp indicating when theauthentication request information is generated, and deviceidentification information of the first device. Specifically, the deviceidentification information may be at least one of a device identifier(ID), a MAC address, an IP address, a device brand, and a device type ofa device.

In step 12, the first device generates an authentication requesttransaction, and sends the authentication request transaction to a firstdevice channel. The authentication request transaction includes a publickey of the first device and a first hash value of the authenticationrequest information. The first device channel is established on adistributed ledger.

Here, the authentication request transaction generated by the firstdevice includes the public key in asymmetric keys of the first device,and the first hash value of the authentication request information. Thefirst device sends the authentication request transaction to the firstdevice channel of the first device.

As an example, the first device channel of the first device isestablished on the distributed ledger. The first device channel is usedto record information of related transactions of the first device, therelated transactions include the authentication request transaction, andmay also include a key revocation transaction and a service requesttransaction described below.

As an example, when the distributed ledger is a blockchain, alltransactions on the first device channel are generated by a blockchainaccount of the first device that established the channel, and the firstdevice generates transactions based on a transaction generation methodof the blockchain. A channel pointer is included in the transaction. Thechannel pointer of the first transaction of the first device channel isnull, and the channel pointer of a transaction other than the firsttransaction is a hash value of a previous transaction on the firstdevice channel.

As another example, when the distributed ledger is an IOTA (that is, acryptocurrency for IoT), the first device channel may be a maskedauthenticated message (MAM) channel of an IOTA protocol, and the firstdevice generates transactions based on a method specified by the MAMchannel.

In addition, the first device may or may not be a node in thedistributed ledger a node in the distributed ledger, that is, the firstdevice may have an accounting module that writes transactions to thedistributed ledger or may not have the accounting module. Aftergenerating transactions in the respective methods of the above devicechannels, if the first device includes the accounting module, theaccounting module performs the operations for writing the ledger on thetransaction, thereby sending the authentication request transaction tothe first device channel. If the device does not include the accountingmodule, the first device may send related transactions to a publicaccounting node, and the public accounting node sends the transactionsto the device channel. Specifically, if the distributed ledger is ablockchain, the public accounting node may be a blockchain miner node;and if the distributed ledger is an IOTA, the public accounting node maybe an IOTA public node.

In step 13, the first device generates an authentication request messageincluding the authentication request information and device channelinformation of the first device channel, produces a digital signature ofthe authentication request message using a private key of the firstdevice, and sends the digital signature to a second device.

Here, the first device obtains the device channel information of thefirst device channel, after sending the authentication requesttransaction to the first device channel. As an example, when thedistributed ledger is a blockchain, the device channel informationincludes a blockchain account address of the first device, and a hashvalue of a last transaction on the first device channel. As anotherexample, when the distributed ledger is an IOTA, the device channelinformation includes an identifier (ID) of a MAM channel, and an addressof a first transaction on the MAM channel. Then, the first device sendsthe authentication request message signed by the private key to thesecond device. Here, the authentication request message includes theauthentication request information, and the device channel informationof the first device channel, such that the second device obtains theauthentication request transaction based on the device channelinformation of the first device channel, and authenticates the firstdevice based on the obtained authentication request transaction and theauthentication request information.

In addition, as another example, the first device may generate theauthentication request message including the authentication requestinformation in above step 11. Then, the first device may add the devicechannel information of the first device channel to the authenticationrequest message, produce the digital signature of the authenticationrequest message using the private key of the first device, and send thedigital signature to the second device.

In step 14, the first device receives an authentication response messagereturned by the second device. The authentication response messageindicates whether authentication of the first device succeeds.

Here, the second device returns the authentication response messageindicating whether the authentication of the first device succeeds tothe first device, after completing the authentication of the firstdevice based on the authentication request message.

By the above steps, the first device implements an authenticationhandshake process with the second device, and implements anauthentication process that does not depend on a third-party server or asecure channel. The implementation cost of the authentication process islow, and the authentication process can be applied to systems thatinclude a large number of terminal devices (such as IoT systems).

In addition, in order to provide key security, as an example, the firstdevice may periodically or aperiodically update the asymmetric keys(including the public key and the private key) of the first device, andgenerate a key revocation transaction after the update. The keyrevocation transaction includes the updated public key. Then, the firstdevice sends the key revocation transaction to the first device channel,thereby updating the public key of the first device.

FIG. 2 is a schematic flowchart illustrating a device authenticationmethod performed by a second device. As shown in FIG. 2 , the deviceauthentication method according to the embodiment of the presentinvention includes the following steps.

In step 21, the second device receives an authentication request messagesent by a first device. The authentication request message includesauthentication request information, and device channel information of afirst device channel, and the first device channel is established on adistributed ledger.

Here, the authentication request information in the authenticationrequest message may include a random number serving as challengeinformation, and may further include a timestamp indicating when theauthentication request information is generated, and the deviceidentification information of the first device. The deviceidentification information specifically includes at least one of adevice identifier (ID), a MAC address, an IP address, a device brand,and a device type.

In step 22, the second device reads an authentication requesttransaction on the first device channel based on the device channelinformation of the first device channel. The authentication requesttransaction includes a public key of the first device and a first hashvalue of the authentication request information.

Here, the second device may find and read the authentication requesttransaction on the device channel of the first device specified by theauthentication request message, after receiving the authenticationrequest message. The authentication request transaction includes thepublic key of the first device and the first hash value of theauthentication request information.

In step 23, the second device verifies the digital signature of theauthentication request message using the public key of the first device,and performs an authentication test on the first device based on atleast the first hash value and obtains an authentication result when theverification of the digital signature succeeds.

Here, in step 23, the digital signature is verified using the publickey, and the authentication test is further performed on the firstdevice when the verification of the digital signature succeeds.Specifically, the authentication test may include the followingauthentication items, and the authentication result indicating that theauthentication of the first device succeeds may be obtained, only whenall authentication items succeeds.

(1) A third hash value of the authentication request informationincluded in the authentication request message is calculated, and anauthentication result indicating whether a hash value authenticationsucceeds is obtained, based on whether the third hash value isconsistent with the first hash value.

In step 24, the second device records an authentication status of thefirst device based on the authentication result, and sends anauthentication response message to the first device. The authenticationresponse message indicates whether authentication succeeds.

Here, the second device may locally record the status indicating thatthe first device has been authenticated, when the authentication of thefirst device succeeds. Then, the second device may return theauthentication response message indicating the authentication result tothe first device.

As an example, after the first device is successfully authenticated, thesecond device may establish a first binding between the public key ofthe first device and the device channel information (such as adistributed ledger account) of the first device channel, therebysubsequently providing security services for the two devices.

As another example, after the first device is successfullyauthenticated, the second device may establish a second binding amongthe public key of the first device, the device channel information (suchas a distributed ledger account) of the first device channel and thedevice identification information, thereby subsequently providingsecurity services for the two devices.

By the above steps, the embodiment of the present invention implementsthe authentication process of the second device to the first device, thehandshake process in the authentication process is simplified, and thecost of the authentication process can be reduced. No third-partyauthentication center or coordinate device is required to participate inthe authentication process, thus deployment overhead of anauthentication system can be reduced, and the problem that anauthentication center serves as a bottleneck and limits systemefficiency can be solved, thereby improving efficiency ofauthentication. Furthermore, in the embodiment of the present invention,the reliability of the authentication request device can be judged basedon historical transaction records of the device channel on thedistributed ledger. Generally, the greater the number of the historicaltransaction records of the device channel are, the higher thereliability of the device is. In addition, in the embodiment of thepresent invention, no third-party authentication center is required toperform real-name verification on the authentication request device,thereby reducing deployment overhead of an authentication system.Furthermore, in the method of the embodiment of the present invention,anonymous authentication is supported, thereby improving privacy ofauthentication.

As an example, the authentication request transaction may include afirst timestamp indicating when the authentication request transactionis generated. The authentication request information may include arandom number, and device identification information of the firstdevice. In this case, the authentication items in step 23 may include atleast one of the following items.

(2) A first interval between a timestamp of receiving the authenticationrequest message and the first timestamp is calculated, and a test resultindicating whether timeout authentication succeeds is obtained, based onwhether the first interval is less than a predetermined first threshold.

(3) A test result indicating whether device validity authenticationsucceeds is obtained, based on whether the device identificationinformation in the authentication request information matches a sendingdevice of the authentication request message.

(4) Historical transaction records on the first device channel arequeried, and a test result indicating whether device reliabilityauthentication succeeds is obtained, based on whether the number of thehistorical transaction records is greater than a predetermined number.

When the authentication of all of the authentication items succeeds, theauthentication result indicating that the authentication of the firstdevice succeeds is obtained. When the authentication of any one of theauthentication items fails, the authentication is ended, no otherauthentication items are performed, and the authentication resultindicating that the authentication of the first device fails isobtained.

Note that during the authentication process of the above authenticationitems, the authentication may be performed in a predetermined order, andthe embodiment of the present invention is not limited to a specificexample.

The device authentication process of the embodiment of the presentinvention is introduced referring to the above steps. Similarly, theauthentication of the first device to the second device may also beperformed referring to the above process. In this case, only the rolesof the first device and the second device in the above process need tobe interchanged, and a detailed description thereof is omitted here.

Next, an interactive process in the above device authentication methodwill be described referring to FIG. 3 and FIG. 4 . The authenticationrequest device in FIG. 3 and FIG. 4 may be one of the first device andthe second device, and the authentication response device may be theother device of the first device and the second device.

Specifically, FIG. 3 shows an example of the device authenticationmethod according to the embodiment of the present invention. Theauthentication request device establishes a device channel on adistributed ledger, and writes an authentication request transaction tothe device channel. The authentication request transaction specificallyincludes a public key, device identification information, and randomchallenge information. The device identification information may includeat least one of a device identifier, a MAC address, an IP address, adevice brand, and a device type. The random challenge information mayinclude a random number, and may further include a timestamp. Theauthentication response device reads the device channel of theauthentication request device, verifies the random challenge informationand device identification information, and exchanges messages with theauthentication request device to complete the authentication handshakeprocess. After completing the authentication handshake process, abinding among a public key of the authentication request device, adistributed ledger account of the authentication request device, and thedevice identification information of the authentication request deviceis established, thereby providing subsequent security services for thetwo devices.

FIG. 4 shows an example of an interactive process of a distributedledger-based device authentication method according to the embodiment ofthe present invention. In FIG. 4 , the authentication request deviceestablishes an authentication request device channel in the distributedledger, sends an authentication request transaction to theauthentication request device channel, and further sends anauthentication request message to the authentication response device.The authentication response device receives the authentication requestmessage, reads the authentication request device channel, and performsan authentication test. Then, the authentication response device send anauthentication response message including an authentication result tothe authentication request device.

In order to facilitate the understanding of the above authenticationprocess of the embodiment of the present invention, a detailed examplewill be described below.

In this example, each device may establish the device channel of thedevice in the distributed ledger, and issue transactions on the devicechannel that can be read by other devices.

Specifically, the distributed ledger may be a blockchain. The deviceestablishes a blockchain account address on the blockchain. Alltransactions on the device channel are sent from the blockchain accountaddress of the device, and each transaction includes a hash value of theprevious transaction on the device channel. The hash value included inthe first transaction of the device channel is null. The device channelinformation includes the blockchain account address of the device, andthe hash value of the last transaction on the current device channel.

The distributed ledger may also be an IOTA, and the device channel maybe a Masked Authenticated Message (MAM) channel. The device randomlygenerates a root key, and generates a transaction address sequence usingthe root key according to the IOTA protocol rules. Each transactionincludes the address of the current transaction, and the address of thenext transaction on the MAM channel. The device channel informationincludes the address of the first transaction on the MAM channel.

Each device may generate an asymmetric key pair (including a public keyand a private key) according to conventional technologies, and theprivate key is securely stored locally. In the authentication handshakeprocess, the device sends an authentication request transactionincluding the public key to the device channel on the distributedledger. In addition, the device may also periodically update theasymmetric key pair and send the transaction to the device channel torevoke the public key before the update.

In each authentication handshake process, the request device generatesan authentication request message including authentication requestinformation. The authentication request information includes a randomnumber serving as challenge information, a timestamp, a device ID, a MACaddress, an IP address, a device brand, a device type, and any otherinformation for identifying the device. The request device generates anauthentication request transaction, including a timestamp, a public key,and a hash value of the above authentication request information, andsends the authentication request transaction to a device channel on thedistributed ledger. After sending the authentication requesttransaction, the device channel information is written into theauthentication request message, a digital signature of the requestauthentication message is produced using the private request key, andthe request authentication message is sent to the authenticationresponse device.

The authentication response device receives the authentication requestmessage, searches for the distributed ledger based on the device channelinformation included in the message, reads the authentication requesttransaction, obtains and stores the public key of the authenticationrequest device included in the authentication request transaction, andauthenticates the digital signature of the authentication requestmessage using the public key. If the digital signature is valid, theauthentication request message is further authenticated onauthentication items. The authentication items may include but are notlimited to the following items.

(A) A time interval between the local time and the timestamp included inthe authentication request transaction is calculated. If the timeinterval is greater than a specified timeout threshold, theauthentication result of the authentication item is a timeout, and theauthentication of the first device fails. Otherwise, the authenticationcontinues to the next authentication item.

(B) A hash value of the authentication request information included inthe authentication request message is calculated, and the hash value iscompared with a hash value of the authentication request informationincluded in the authentication request transaction. If the two hashvalues are not consistent, the authentication result of theauthentication item is a hash value error, and the authentication of thefirst device fails. Otherwise, the authentication continues to the nextauthentication item.

(C) The device information included in the authentication requestinformation is compared with source device information of theauthentication request message, which includes a device ID, a MACaddress, an IP address, a brand, a device type or the like. If theinformation is inconsistent, the authentication result of theauthentication item is an invalid device, and the authentication of thefirst device fails. Otherwise, the authentication continues to the nextauthentication item.

(D) Historical transactions on the device channel of the request deviceare queried. If the number of historical transactions is less than aspecified threshold, the authentication result of the authenticationitem is an unreliable device, and the authentication of the first devicefails.

If the above authentication of the authentication items are allsuccessful, the authentication result is that the authentication of thefirst device is successful. The authentication response device recordsthat the status of the authentication request device has beenauthenticated. Subsequently, the authentication response device may sendan authentication response message, which includes the authenticationresult of the first device, to the authentication request device. Theauthentication request device receives an authentication responsemessage, and determines that the authentication is successful, if theincluded authentication result of the first device is successful.

It can be seen from the above examples that the embodiments of thepresent invention can implement device authentication and service accesscontrol processes, without a trusted third-party server or a securechannel. In the authentication method of the embodiment of the presentinvention, the device completes authentication and challenge handshakeusing the distributed ledger, the authentication request device sendsthe authentication request message to the peer device, and sends theauthentication request transaction including the authenticationinformation and the challenge information to the device channel on thedistributed ledger. The peer device queries and reads the authenticationtransaction on the distributed ledger, and compares the transactioninformation with the received authentication information and thechallenge information to complete the verification. In the embodiment ofthe present invention, the device channel of the authentication requestdevice is established on the distributed ledger, and authenticationhistory transactions are recorded. The authentication historytransactions can be used as a credit value to evaluate the reliabilityof the device, thereby implementing the device authentication without atrusted third party or a secure channel provided by additional hardware.

In contrast to conventional technologies, the device authenticationmethod, the service access control method, the device, and thenon-transitory computer-readable recording medium according to theembodiments of the present invention can reduce the deployment cost ofan authentication system, and can solve the problem that anauthentication center serves as a bottleneck and limits systemefficiency. Furthermore, in the embodiments of the present invention, nothird-party authentication center or coordinate device is required toperform real-name verification on an authentication request device,thereby reducing deployment overhead of an authentication system. Inaddition, in the embodiments of the present invention, anonymousauthentication is supported, thereby improving privacy ofauthentication.

Next, a service access control method according to an embodiment of thepresent will be described.

The processes of applying the service access control method according tothe embodiment of the present invention to the first device and thesecond device, respectively will be described referring to FIG. 5 andFIG. 6 . Note that the processes in FIG. 5 and FIG. 6 may be executedafter the second device completes a one-way authentication of the firstdevice, or may be executed after the first device and the second devicecomplete a mutual authentication of both parties. In addition, beforethe processes in FIG. 5 and FIG. 6 , the authentication process in FIG.1 and FIG. 2 may not be performed, but another authentication method inconventional technologies may be adopted, or no device authentication isperformed between the first device and the second device. The embodimentis not limited to this.

As shown in FIG. 5 , when applied to a first device side, the serviceaccess control method according to an embodiment of the presentinvention includes the following steps.

In step 51, the first device requests a service list from the seconddevice, and selects a target service from the service list provided bythe second device.

Here, after receiving the service list returned by the second device,the first device may select a desired target service from the servicelist.

In step 52, the first device generates service request informationincluding the target service and a service access token.

Here, the service access token may be a payment transaction from thefirst device to the second device, which is recorded and confirmed bythe distributed ledger, or a digital payment receipt other than thedistributed ledger. The embodiment of the present invention is notlimited to this.

In step 53, the first device generates a service request transaction,and sends the service request transaction to a first device channel. Theservice request transaction includes a second hash value of the servicerequest information. The first device channel is established on thedistributed ledger.

Here, the service request transaction may further include a secondtimestamp indicating when the service request transaction is generated,such that second device tests the service request.

In step 54, the first device generates a service request messageincluding the service request information, produces a digital signatureof the service request message using a private key of the first device,and sends the digital signature to the second device.

In step 55, the first device receives a service response messagereturned by the second device. The service response message indicateswhether a service request is accepted.

Here, the first device receives a service response message. Then, thefirst device may start accessing the target service provided by thesecond device, if the service response message indicates that a servicerequest is accepted.

As shown in FIG. 6 , when applied to a second device side, the serviceaccess control method according to an embodiment of the presentinvention includes the following steps.

In step 61, the second device receives a service list request messagesent by the first device, and provides a service list to the firstdevice.

In step 62, the second device receives a service request message sent bythe first device. The service request message includes service requestinformation, and the service request information includes a targetservice and a service access token.

In step 63, the second device verifies a digital signature of theservice request message using a public key of the first device when anauthentication status of the first device indicates successfulauthentication, and reads a service request transaction on a firstdevice channel based on pre-obtained device channel information of thefirst device channel when verification of the digital signaturesucceeds. The service request transaction includes at least a secondhash value of the service request information, and the first devicechannel is established on a distributed ledger.

Here, the device channel information of the first device channel may beobtained in the process shown in FIG. 2 and stored locally in the seconddevice, or may be provided to the second device by another method, suchas a method of being pre-configured in the second device side. Theembodiment of the present invention is not limited this.

In step 64, the second device performs a service request test based onat least the service request information and the second hash value, andobtains a service request test result indicating whether the servicerequest is accepted.

In above step 64, the service request test may include the followingtest items, and obtain a service test result indicating that the servicerequest is accepted only when all the test items succeeds.

(1) A fourth hash value of the service request information included inthe service request message is calculated, and a test result indicatingwhether a hash value test succeeds is obtained, based on whether thefourth hash value is consistent with the second hash value.

(2) A test result indicating whether a token test succeeds is obtained,based on whether the service access token is a valid token.

In step 65, the second device sends a service response message to thefirst device based on the service request test result. The serviceresponse message indicates whether the service request is accepted.

By the above steps, the embodiment of the present invention canimplement the service access control process, and a third-partyauthentication center is not required to perform real-name verificationon an authentication request device in the above process, therebyreducing the deployment overhead of an authentication system, while alsoimproving the efficiency of access service control. In addition, in theembodiments of the present invention, anonymous authentication issupported, thereby improving privacy of access service control.

As an example, the service request transaction may further include asecond timestamp indicating when the service request transaction isgenerated. The test items further includes the following item.

(3) A second interval between a timestamp of receiving the servicerequest message and the second timestamp is calculated, and a testresult indicating whether a timeout test succeeds is obtained, based onwhether the second interval is less than a predetermined secondthreshold.

If the test of all of the test items succeeds, the service test resultindicating that the service request is accepted is obtained. If the testof any one of the test items fails, the test ends, no other test itemsare performed, and the service test result indicating that the servicerequest is not accepted is obtained.

Note that during the test process of the above test items, the test maybe performed in a predetermined order, and the embodiment of the presentinvention is not limited to a specific example.

As an example, when the service request test result indicating that theservice request is accepted is obtained, the second device may furtheradd the first device to a service access member list of the seconddevice. Then, the second device may generate a service access memberlist update transaction including the first device and the targetservice. Then, the second device may encrypt the service access memberlist update transaction using an encryption key (a symmetric key), andsend the service access member list update transaction encrypted by theencryption key to a service channel of the second device. Then, thesecond device may share the encryption key with a cooperative device ofthe second device. Here, the service channel is established on adistributed ledger, and provides the service access member list to thecooperative device of the second device, so that the cooperative deviceprovides one or more services to one or more members in the serviceaccess member list.

In this example, the transactions on the service channel may beencrypted using a symmetric key. If the establishment device of theservice channel (such as the first device) cooperates with anotherdevice (hereinafter referred to as a cooperative device) to provideservices, the establishment device may send the symmetric key to thecooperative device to share the service access member list. Thecooperative device may read the service access member list on theestablishment device using the symmetric key, and provide services to amember device included in the service access member list, aftercompleting mutual authentication with the member device.

FIG. 7 shows an example of an interactive process of the service accesscontrol method according to the embodiment of the present invention,which is applied between a service request device and a serviceproviding device. The service request device in FIG. 7 may be one of thefirst device and the second device, and the service providing device maybe the other device of the first device and the second device.

As shown in FIG. 7 , the service request device sends a service listrequest message to the service providing device to obtain a servicelist, selects a desired target service, sends a service requesttransaction to a service request device channel, and sends a servicerequest message to the service providing device. The service providingdevice receives the service request message, reads the service requesttransaction on the service request device channel of the service requestdevice, and performs a service request test. If the test succeeds, theservice providing device adds the service request device to the serviceaccess member list to update the service access member list, generates aservice access member list update transaction, encrypts the serviceaccess member list update transaction using an encryption key and sendsit to a service channel, and shares the encryption key with acooperative device that collectively provides services to the servicerequest device. In addition, the service providing device also sends aservice response message including a service test result to the servicerequest device.

As an example, in the process shown in FIG. 7 , each device mayestablish a device channel of the device in a distributed ledger, andissue transactions on the device channel, so that the transactions canbe read by other devices.

In order to facilitate the understanding of the above service accesscontrol process of the embodiment of the present invention, a detailedexample will be described below.

In this example, the service providing device establishes a servicechannel other than the distributed ledger. In a blockchain or an IOTAprotocol, the service channel establishing method is the same as theabove device channel establishing method. The service providing devicemay symmetrically encrypt the transaction sent to the service channelusing a service channel key. The transaction sent to the service channelincludes a service access member list update transaction, and theservice access member list includes user equipment that can legallyaccess the service within a specified time period. The service providingdevice may share the encryption key of the service channel with otherservice providing devices. Other service providing devices may read theservice access member list using the service channel key, and cooperatewith the device that establishes the service channel to provide servicesto user equipments in the service access member list.

After the service request device and the service providing device havecompleted mutual authentication, the service request device may obtain aservice list provided by the service providing device, select a desiredservice, and generate a service request message including servicerequest information. The service request information specificallyincludes a desired service and a service access token. The servicerequest device generates a service request transaction including atimestamp and a hash value of the service request information, and sendsthe service request transaction to the device channel of the servicerequest device. Then, the service request device produces a digitalsignature of the service request message using a private key, and sendsthe service request message to the service providing device.

Here, the service access token may be a payment transaction from theservice request device to the service providing device on thedistributed ledger, such as a bitcoin payment transaction on ablockchain, or a MIOTA payment transaction on an IOTA. The serviceaccess token may also be a receipt or a pay order of another digitalpayment channel.

After receiving the service request message, the service providingdevice first checks whether a source device of the service requestmessage has been authenticated. If the source device has been notauthenticated, the service request message is discarded (dropped); andif the source device has been authenticated, the digital signature ofthe service request message is verified using the stored public key ofthe source device, and a service request test is further performed ifthe digital signature is valid. The service providing device queries thedevice channel of the service request device, reads the service requesttransaction, and executes the following test items.

(A) A time interval between the local time and a timestamp included inthe service request transaction is calculated. If the time interval isgreater than a specified timeout threshold, the test result of the testitem is a timeout, and the service request fails. Otherwise, the testcontinues to the next test item.

(B) A hash value of the service request information included in theservice request message is calculated. If the hash value and a hashvalue of the service request information included in the service requesttransaction are inconsistent, the test result of the test item is a hashvalue error, and the service request fails. Otherwise, the testcontinues to the next test item.

(C) The validity of the service request token is verified. If theservice request token is invalid, the service test result is an invalidtoken. Otherwise, the service request is accepted. At this time, theservice request device is added to the service access member list, andthe service access member list update transaction is generated. Thetransaction includes device information of the service request device.Then, the service access member list update transaction is encryptedusing an encryption key, and the service access member list updatetransaction is sent to the service channel to update the service accessmember list. Furthermore, the encryption key may be shared with othercooperative devices that collectively provide services to the servicerequest device.

After the service test is completed, the service providing device sendsa service response message to the service request device. The serviceresponse message includes the test result of the service request.

An embodiment of the present invention further provides devicescorresponding to the above methods.

As shown in FIG. 8 , the first device 80 according to an embodiment ofthe present invention includes a first information generating unit 81, afirst transaction generating unit 82, a first message sending unit 83,and a first message receiving unit 84.

The first information generating unit 81 generates authenticationrequest information.

The first transaction generating unit 82 generates an authenticationrequest transaction, and sends the authentication request transaction toa first device channel. The authentication request transaction includesa public key of the first device and a first hash value of theauthentication request information, and the first device channel isestablished on a distributed ledger.

The first message sending unit 83 generates an authentication requestmessage including the authentication request information and devicechannel information of the first device channel, produces a digitalsignature of the authentication request message using a private key ofthe first device, and sends the digital signature to a second device.

The first message receiving unit 84 receives the authentication responsemessage returned by the second device. The authentication responsemessage indicates whether authentication of the first device succeeds.

Preferably, the authentication request transaction further includes afirst timestamp indicating when the authentication request transactionis generated. The authentication request information includes a randomnumber and device identification information of the first device. Thedevice identification information includes at least one of a device ID,a MAC address, an IP address, a device brand, and a device type.

Preferably, the device channel information includes a blockchain accountaddress of the first device, and a hash value of a last transaction onthe first device channel, when the distributed ledger is a blockchain.Alternatively, the device channel information includes an ID of a MAM(Masked Authenticated Message) channel, and an address of a firsttransaction on the MAM channel, when the distributed ledger is an IOTA.

Preferably, the first device 80 further includes a key updating unit anda third transaction generating unit (not shown in FIG. 8 ).

The key updating unit updates the public key and the private key of thefirst device.

The third transaction generating unit generates a key revocationtransaction including the updated public key, sends the key revocationtransaction to the first device channel, and updates the public key ofthe first device.

As shown in FIG. 9 , the second device 90 according to an embodiment ofthe present invention includes a second message receiving unit 91, afirst transaction obtaining unit 92, an authentication processing unit93, and a second message sending unit 94.

The second message receiving unit 91 receives an authentication requestmessage sent by a first device. The authentication request messageincluding authentication request information and device channelinformation of a first device channel, and the first device channel isestablished on a distributed ledger.

The first transaction obtaining unit 92 reads an authentication requesttransaction on the first device channel based on the device channelinformation of the first device channel. The authentication requesttransaction includes a public key of the first device and a first hashvalue of the authentication request information.

The authentication processing unit 93 verifies a digital signature ofthe authentication request message using the public key of the firstdevice, and performs an authentication test on the first device based onat least the first hash value and obtaining an authentication resultwhen verification of the digital signature succeeds.

The second message sending unit 94 records an authentication status ofthe first device based on the authentication result, and sends anauthentication response message to the first device. The authenticationresponse message indicates whether authentication succeeds.

Preferably, the authentication processing unit 93 calculates a thirdhash value of the authentication request information included in theauthentication request message, and obtains an authentication resultindicating whether a hash value authentication succeeds, based onwhether the third hash value is consistent with the first hash value.Then, the authentication processing unit 93 obtains the authenticationresult indicating that the authentication of the first device succeeds,when the hash value authentication succeeds.

Preferably, the authentication request transaction further includes afirst timestamp indicating when the authentication request transactionis generated. The authentication request information includes a randomnumber and device identification information of the first device.

The authentication processing unit 93 calculates a first intervalbetween a timestamp of receiving the authentication request message andthe first timestamp, and obtains a test result indicating whethertimeout authentication succeeds, based on whether the first interval isless than a predetermined first threshold.

Alternatively, the authentication processing unit 93 obtains a testresult indicating whether device validity authentication succeeds, basedon whether the device identification information in the authenticationrequest information matches a sending device of the authenticationrequest message.

Alternatively, the authentication processing unit 93 queries historicaltransaction records on the first device channel, and obtains a testresult indicating whether device reliability authentication succeeds,based on whether the number of the historical transaction records isgreater than a predetermined number.

As shown in FIG. 10 , the first device 100 according to anotherembodiment of the present invention includes a service selecting unit101, a second information generating unit 102, a second transactiongenerating unit 103, a third message sending unit 104, and a thirdmessage receiving unit 105.

The service selecting unit 101 requests a service list from a seconddevice, and selects a target service from the service list provided bythe second device.

The second information generating unit 102 generates service requestinformation including the target service and a service access token.

The second transaction generating unit 103 generates a service requesttransaction, and sends the service request transaction to a first devicechannel. The service request transaction includes a second hash value ofthe service request information, and the first device channel isestablished on a distributed ledger.

The third message sending unit 104 generates a service request messageincluding the service request information, produces a digital signatureof the service request message using a private key of the first device,and sends the digital signature to the second device.

The third message receiving unit 105 receives a service response messagereturned by the second device. The service response message indicateswhether a service request is accepted.

Preferably, the service request transaction further includes a secondtimestamp indicating when the service request transaction is generated.

As shown in FIG. 11 , the second device 110 according to anotherembodiment of the present invention includes a fourth message receivingunit 111, a second transaction obtaining unit 112, a service requesttesting unit 113, and a fourth message sending unit 114.

The fourth message receiving unit 111 receives a service list requestmessage sent by a first device, provides a service list to the firstdevice, and receives a service request message sent by the first device.The service request message includes service request information, andthe service request information includes a target service and a serviceaccess token.

The second transaction obtaining unit 112 verifies the digital signatureof the service request message using a public key of the first device ifthe authentication status of the first device indicates successfulauthentication, and reads a service request transaction on a firstdevice channel based on pre-obtained device channel information of thefirst device channel when verification of the digital signaturesucceeds. The service request transaction includes at least a secondhash value of the service request information, and the first devicechannel is established on a distributed ledger.

The service request testing unit 113 performs a service request testbased on at least the service request information and the second hashvalue, and obtains a service request test result indicating whether aservice request is accepted.

The fourth message sending unit 114 sends a service response message tothe first device based on the service request test result. The serviceresponse message indicates whether the service request is accepted.

Preferably, the service request testing unit 113 calculates a fourthhash value of the service request information included in the servicerequest message, and obtains a test result indicating whether a hashvalue test succeeds, based on whether the fourth hash value isconsistent with the second hash value. Then, the service request testingunit 113 obtains a test result indicating whether a token test succeeds,based on whether the service access token is a valid token. Then, theservice request testing unit 113 obtains the service request test resultindicating that the service request is accepted, when the hash valuetest succeeds and the token test succeeds.

Preferably, the service request transaction further includes a secondtimestamp indicating when the service request transaction is generated.The service request testing unit 113 calculates a second intervalbetween a timestamp of receiving the service request message and thesecond timestamp, and obtains a test result indicating whether a timeouttest succeeds, based on whether the second interval is less than apredetermined second threshold.

Preferably, the second device 110 further includes a member list updateunit and a member list update transaction generating unit (not shown inFIG. 11 ).

The member list update unit adds the first device to a service accessmember list of the second device, when the service request test resultis that the service request is accepted.

The member list update transaction generating unit generates a serviceaccess member list update transaction including the first device and thetarget service. Then, the member list update transaction generating unitsends the service access member list update transaction encrypted by anencryption key to a service channel of the second device, and shares theencryption key with a cooperative device of the second device. Theservice channel is established on a distributed ledger, and provides theservice access member list to the cooperative device of the seconddevice, so that the cooperative device provides one or more services toone or more members in the service access member list.

FIG. 12 is a schematic block diagram illustrating the hardware structureof a first device or a second device 1200 according to an embodiment ofthe present invention. As shown in FIG. 12 , the first device or thesecond device 1200 includes a processor 1202, and a memory 1204 storingcomputer-readable instructions.

As illustrated in FIG. 12 , the first device or the second device 1200further includes a network interface 1201, an input device 1203, a harddisk drive (HDD) 1205, and a display device 1206.

Each of ports and each of devices may be connected to each other via abus architecture. The processor 1202 such as one or more centralprocessing units (CPUs), and the memory 1204 such as one or more memoryunits may be connected via various circuits. Other circuits such as anexternal device, a regulator and a power management circuit may also beconnected via the bus architecture. Note that these devices arecommunicably connected via the bus architecture. The bus architectureincludes a power supply bus, a control bus and a status signal busbesides a data bus. A detailed description of the bus architecture isomitted here.

The network interface 1201 may be connected to a network (such as theInternet, a LAN or the like), receive information from the network, andstore the received information in the hard disk drive 1205.

The input device 1203 may receive various commands such as predeterminedthreshold and its setting information input by a user, and transmit thecommands to the processor 1202 to be executed. The input device 1203 mayinclude a keyboard, a pointing apparatus (such as a mouse or a trackball), a touch board, a touch panel or the like.

The display device 1206 may display a result obtained by executing thecommands by the processor 1202. The memory 1204 stores programs and datarequired for running an operating system, and data such as intermediateresults in calculation processes of the processor 1202.

Note that the memory 1204 of the embodiments of the present inventionmay be a volatile memory or a nonvolatile memory, or may include both avolatile memory and a nonvolatile memory. The nonvolatile memory may bea read-only memory (ROM), a programmable read-only memory (PROM), anerasable programmable read-only memory (EPROM), an electrically erasableprogrammable read-only memory (EEPROM) or a flash memory. The volatilememory may be a random access memory (RAM), which used as an externalhigh-speed buffer. The memory 1204 of the apparatus or the methoddescribed herein includes and is not limited to any other suitablememory.

In some embodiments, the memory 1204 stores executable modules or datastructure, their subsets, or their superset, i.e., an operating system(OS) 12041 and an application program 12042.

The operating system 12041 includes various system programs forimplementing various essential tasks and processing tasks based onhardware, such as a frame layer, a core library layer, a drive layer andthe like. The application program 12042 includes various applicationprograms for realizing various application tasks, such as a browser andthe like. A program for realizing the method according to theembodiments of the present invention may be included in the applicationprogram 12042.

The method according to the above embodiments of the present inventionmay be applied to the processor 1202 or may be realized by the processor1202. The processor 1202 may be an integrated circuit chip capable ofprocessing signals. Each step of the above method may be realized byinstructions in a form of integrated logic circuit of hardware in theprocessor 1202 or a form of software. The processor 1202 may be ageneral-purpose processor, a digital signal processor (DSP), anapplication specific integrated circuit (ASIC), field programmable gatearray signals (FPGA) or other programmable logic device (PLD), adiscrete gate or transistor logic, discrete hardware components capableof realizing or executing the methods, the steps and the logic blocks ofthe embodiments of the present invention. The general-purpose processormay be a micro-processor, or alternatively, the processor may be anyconventional processor. The steps of the method according to theembodiments of the present invention may be realized by a hardwaredecoding processor, or combination of hardware modules and softwaremodules in a decoding processor. The software modules may be located ina conventional storage medium such as a random access memory (RAM), aflash memory, a read-only memory (ROM), a erasable programmableread-only memory (EPROM), an electrically erasable programmableread-only memory (EEPROM), a register or the like. The storage medium islocated in the memory 1204, and the processor 1202 reads information inthe memory 1204 and realizes the steps of the above methods incombination with hardware.

Note that the embodiments described herein may be realized by hardware,software, firmware, intermediate code, microcode or any combinationthereof. For hardware implementation, the processor may be realized inone or more application specific integrated circuits (ASIC), digitalsignal processing devices (DSPD), programmable logic devices (PLD),field programmable gate array signals (FPGA), general-purposeprocessors, controllers, micro-controllers, micro-processors, or otherelectronic components or their combinations for realizing functions ofthe present invention.

For software implementation, the embodiments of the present inventionmay be realized by executing functional modules (such as processes,functions or the like). Software codes may be stored in a memory andexecuted by a processor. The memory may be implemented inside or outsidethe processor.

The device 1200 may be the first device in the process shown in FIG. 1 .In this case, when the computer-readable instructions are executed bythe processor 1202, the processor 1202 generates authentication requestinformation; generates an authentication request transaction, and sendsthe authentication request transaction to a first device channel, theauthentication request transaction including a public key of the firstdevice and a first hash value of the authentication request information,and the first device channel being established on a distributed ledger;generates an authentication request message including the authenticationrequest information and device channel information of the first devicechannel, produces a digital signature of the authentication requestmessage using a private key of the first device, and sends the digitalsignature to a second device; and receives an authentication responsemessage returned by the second device, the authentication responsemessage indicating whether authentication of the first device succeeds.

Preferably, the authentication request transaction further includes afirst timestamp indicating when the authentication request transactionis generated. The authentication request information includes a randomnumber and device identification information of the first device. Thedevice identification information includes at least one of a device ID,a MAC address, an IP address, a device brand, and a device type.

Preferably, the device channel information includes a blockchain accountaddress of the first device, and a hash value of a last transaction onthe first device channel, when the distributed ledger is a blockchain.Alternatively, the device channel information includes an ID of a MAM(Masked Authenticated Message) channel, and an address of a firsttransaction on the MAM channel, when the distributed ledger is an IOTA.

Preferably, when the computer-readable instructions are executed by theprocessor 1202, the processor 1202 further updates the public key andthe private key of the first device; generates a key revocationtransaction including the updated public key; and sends the keyrevocation transaction to the first device channel, and updates thepublic key of the first device.

The device 1200 may be the second device in the process shown in FIG. 2. In this case, when the computer-readable instructions are executed bythe processor 1202, the processor 1202 receives an authenticationrequest message sent by a first device, the authentication requestmessage including authentication request information and device channelinformation of a first device channel, and the first device channelbeing established on a distributed ledger; reads an authenticationrequest transaction on the first device channel based on the devicechannel information of the first device channel, the authenticationrequest transaction including a public key of the first device and afirst hash value of the authentication request information; verifies thedigital signature of the authentication request message using the publickey of the first device, and performs an authentication test on thefirst device based on at least the first hash value and obtaining anauthentication result when verification of the digital signaturesucceeds; and records an authentication status of the first device basedon the authentication result, and sends an authentication responsemessage to the first device, the authentication response messageindicating whether authentication succeeds.

Preferably, when the computer-readable instructions are executed by theprocessor 1202, the processor 1202 calculates a third hash value of theauthentication request information included in the authenticationrequest message, and obtains an authentication result indicating whethera hash value authentication succeeds, based on whether the third hashvalue is consistent with the first hash value; and obtains theauthentication result indicating that the authentication of the firstdevice succeeds, when the hash value authentication succeeds.

Preferably, the authentication request transaction further includes afirst timestamp indicating when the authentication request transactionis generated. The authentication request information includes a randomnumber and device identification information of the first device. Whenthe computer-readable instructions are executed by the processor 1202,the processor 1202 calculates a first interval between a timestamp ofreceiving the authentication request message and the first timestamp,and obtains a test result indicating whether timeout authenticationsucceeds, based on whether the first interval is less than apredetermined first threshold; obtains a test result indicating whetherdevice validity authentication succeeds, based on whether the deviceidentification information in the authentication request informationmatches a sending device of the authentication request message; andqueries historical transaction records on the first device channel, andobtains a test result indicating whether device reliabilityauthentication succeeds, based on whether the number of the historicaltransaction records is greater than a predetermined number.

The device 1200 may be the first device in the process shown in FIG. 5 .In this case, when the computer-readable instructions are executed bythe processor 1202, the processor 1202 requests a service list from asecond device, and selects a target service from the service listprovided by the second device; generates service request informationincluding the target service and a service access token; generates aservice request transaction, and sends the service request transactionto a first device channel, the service request transaction including asecond hash value of the service request information, and the firstdevice channel being established on a distributed ledger; generates aservice request message including the service request information,produces a digital signature of the service request message using aprivate key of the first device, and sends the digital signature to thesecond device; and receives a service response message returned by thesecond device, the service response message indicating whether a servicerequest is accepted.

Preferably, the service request transaction further includes a secondtimestamp indicating when the service request transaction is generated.

The device 1200 may be the second device in the process shown in FIG. 6. In this case, when the computer-readable instructions are executed bythe processor 1202, the processor 1202 receives a service list requestmessage sent by a first device, and provides a service list to the firstdevice; receives a service request message sent by the first device, theservice request message including service request information, and theservice request information including a target service and a serviceaccess token; verifies a digital signature of the service requestmessage using a public key of the first device when an authenticationstatus of the first device is successful authentication, and reads aservice request transaction on a first device channel based onpre-obtained device channel information of the first device channel whenverification of the digital signature succeeds, the service requesttransaction including at least a second hash value of the servicerequest information, and the first device channel being established on adistributed ledger; performs a service request test based on at leastthe service request information and the second hash value, and obtains aservice request test result indicating whether a service request isaccepted; and sends a service response message to the first device basedon the service request test result, the service response messageindicating whether the service request is accepted.

Preferably, when the computer-readable instructions are executed by theprocessor 1202, the processor 1202 calculates a fourth hash value of theservice request information included in the service request message, andobtains a test result indicating whether a hash value test succeeds,based on whether the fourth hash value is consistent with the secondhash value; obtains a test result indicating whether a token testsucceeds, based on whether the service access token is a valid token;and obtains the service request test result indicating that the servicerequest is accepted, when the hash value test succeeds and the tokentest succeeds.

Preferably, the service request transaction further includes a secondtimestamp indicating when the service request transaction is generated.When the computer-readable instructions are executed by the processor1202, the processor 1202 calculates a second interval between atimestamp of receiving the service request message and the secondtimestamp, and obtains a test result indicating whether a timeout testsucceeds, based on whether the second interval is less than apredetermined second threshold.

Preferably, when the computer-readable instructions are executed by theprocessor 1202, the processor 1202 further adds the first device to aservice access member list of the second device, when the servicerequest test result indicating that the service request is accepted isobtained; generates a service access member list update transactionincluding the first device and the target service; and sends the serviceaccess member list update transaction encrypted by an encryption key toa service channel of the second device, and shares the encryption keywith a cooperative device of the second device. The service channel isestablished on a distributed ledger, and provides the service accessmember list to the cooperative device of the second device, so that thecooperative device provides one or more services to one or more membersin the service access member list.

As known by a person skilled in the art, the elements and algorithmsteps of the embodiments disclosed herein may be implemented byelectronic hardware or a combination of computer software and electronichardware. Whether these functions are performed in hardware or softwaredepends on the specific application and design constraints of thesolution. A person skilled in the art may use different methods forimplementing the described functions for each particular application,but such implementation should not be considered to be beyond the scopeof the present invention.

As clearly understood by a person skilled in the art, for theconvenience and brevity of the description, the specific working processof the system, the device and the unit described above may refer to thecorresponding process in the above method embodiment, and detaileddescriptions are omitted here.

In the embodiments of the present application, it should be understoodthat the disclosed apparatus and method may be implemented in othermanners. For example, the device embodiments described above are merelyillustrative. For example, the division of the unit is only a logicalfunction division. In actual implementation, there may be anotherdivision manner, for example, units or components may be combined or beintegrated into another system, or some features may be ignored or notexecuted. In addition, the coupling or direct coupling or communicationconnection described above may be an indirect coupling or communicationconnection through some interface, device or unit, and may beelectrical, mechanical or the like.

The units described as separate components may or may not be physicallyseparated, and the components displayed as units may or may not bephysical units, that is to say, may be located in one place, or may bedistributed to network units. Some or all of the units may be selectedaccording to actual needs to achieve the objectives of the embodimentsof the present invention.

In addition, each functional unit the embodiments of the presentinvention may be integrated into one processing unit, or each unit mayexist physically separately, or two or more units may be integrated intoone unit.

The functions may be stored in a computer readable storage medium if thefunctions are implemented in the form of a software functional unit andsold or used as an independent product. Based on such understanding, thetechnical solution of the present invention, which is essential orcontributes to the prior art, or a part of the technical solution, maybe embodied in the form of a software product, which is stored in astorage medium, including instructions that are used to cause a computerdevice (which may be a personal computer, a server, or a network device,etc.) to perform all or a part of the steps of the methods described inthe embodiments of the present invention. The above storage mediumincludes various media that can store program codes, such as a USB flashdrive, a mobile hard disk, a ROM, a RAM, a magnetic disk, or an opticaldisk.

The present invention is not limited to the specifically describedembodiments, and various modifications, combinations and replacementsmay be made without departing from the scope of the present invention.

What is claimed is:
 1. A device authentication method comprising:generating, by a first device, authentication request information;generating, by the first device, an authentication request transactionincluding a public key of the first device and a first hash value of theauthentication request information; sending the authentication requesttransaction to a first device channel, the first device channel beingestablished on a distributed ledger; generating, by the first device, anauthentication request message including the authentication requestinformation and device channel information, the device channelinformation identifying the first device channel on the distributedledger; producing a digital signature of the authentication requestmessage using a private key of the first device; sending the digitalsignature to a second device; and receiving, by the first device, anauthentication response message returned by the second device, theauthentication response message indicating whether authentication of thefirst device succeeds.
 2. The device authentication method as claimed inclaim 1, wherein the authentication request transaction further includesa first timestamp indicating when the authentication request transactionis generated, wherein the authentication request information includes arandom number and device identification information of the first device,and wherein the device identification information includes at least oneof a device ID, a MAC address, an IP address, a device brand, or adevice type.
 3. The device authentication method as claimed in claim 1,wherein the distributed ledger is a blockchain and the device channelinformation includes a blockchain account address of the first device,and a hash value of a last transaction on the first device channel, orwherein the distributed ledger is an IOTA and the device channelinformation includes an ID of a MAM (Masked Authenticated Message)channel, and an address of a first transaction on the MAM channel. 4.The device authentication method as claimed in claim 1, furthercomprising: updating, by the first device, the public key and theprivate key of the first device; generating, by the first device, a keyrevocation transaction that includes the updated public key; andsending, by the first device, the key revocation transaction to thefirst device channel, and updating the public key of the first device.5. A device authentication method comprising: receiving, by a seconddevice, an authentication request message sent by a first device, theauthentication request message including authentication requestinformation and device channel information identifying a first devicechannel on a distributed ledger; reading, by the second device, anauthentication request transaction on the first device channel based onthe device channel information of the first device channel on thedistributed ledger, the authentication request transaction including apublic key of the first device and a first hash value of theauthentication request information; verifying, by the second device, adigital signature of the authentication request message using the publickey of the first device; performing, by the second device, anauthentication test on the first device based on at least the first hashvalue; obtaining an authentication result in response to verification ofthe digital signature succeeding; recording, by the second device, anauthentication status of the first device based on the authenticationresult; and sending an authentication response message to the firstdevice, the authentication response message indicating whetherauthentication succeeds.
 6. The device authentication method as claimedin claim 5, wherein performing the authentication test on the firstdevice based on at least the first hash value includes calculating athird hash value of the authentication request information included inthe authentication request message, and obtaining an authenticationresult indicating whether a hash value authentication succeeds, based onwhether the third hash value is consistent with the first hash value,and wherein obtaining the authentication result includes obtaining theauthentication result indicating that the authentication of the firstdevice succeeds, when the hash value authentication succeeds.
 7. Thedevice authentication method as claimed in claim 6, wherein theauthentication request transaction further includes a first timestampindicating when the authentication request transaction is generated,wherein the authentication request information includes a random numberand device identification information of the first device, and whereinperforming the authentication test on the first device and obtaining theauthentication result further includes at least one of: calculating afirst interval between a timestamp of receiving the authenticationrequest message and the first timestamp, and obtaining a test resultindicating whether timeout authentication succeeds, based on whether thefirst interval is less than a predetermined first threshold; obtaining atest result indicating whether device validity authentication succeeds,based on whether the device identification information in theauthentication request information matches a sending device of theauthentication request message; or querying historical transactionrecords on the first device channel, and obtaining a test resultindicating whether device reliability authentication succeeds, based onwhether the number of the historical transaction records is greater thana predetermined number.
 8. A first device comprising: at least onememory coupled to at least one processor, at least one processorconfigured to: generate authentication request information; generate anauthentication request transaction; send the authentication requesttransaction to a first device channel, the authentication requesttransaction including a public key of the first device and a first hashvalue of the authentication request information, and the first devicechannel being established on a distributed ledger; generate anauthentication request message including the authentication requestinformation and device channel information identifying the first devicechannel on the distributed ledger; produce a digital signature of theauthentication request message using a private key of the first device;send the digital signature to a second device; and receive anauthentication response message returned by the second device, theauthentication response message indicating whether authentication of thefirst device succeeds.
 9. The first device as claimed in claim 8,wherein at least one processor is further configured to: update thepublic key and the private key of the first device; generate a keyrevocation transaction that includes the updated public key; send thekey revocation transaction to the first device channel; and update thepublic key of the first device.
 10. The device authentication method asclaimed in claim 1, wherein the first device is a node in thedistributed ledger.
 11. The device authentication method as claimed inclaim 1, further comprising: updating, by the first device, asymmetrickeys of the first device; generating, by the first device, a keyrevocation transaction including an updated public key; and sending, bythe first device, the key revocation transaction to the first devicechannel.
 12. The device authentication method as claimed in claim 5,wherein the first device is a node in the distributed ledger.
 13. Thefirst device as claimed in claim 8, wherein the first device is a nodein the distributed ledger.
 14. The first device as claimed in claim 8,wherein the at least one processor is configured to: update asymmetrickeys of the first device; generate a key revocation transactionincluding an updated public key; and send the key revocation transactionto the first device channel.